gcc complains rightfully:
src/ssl_sock.c: In function ‘ssl_load_global_issuers_from_path’:
src/ssl_sock.c:9860:4: warning: format not a string literal and no format
arguments [-Wformat-security]
ha_warning(warn);
^
Introduced in 70df7bf19cebd5593c0abb01923e6c9f72961da6.
---
src/ssl_sock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index e30bb8a6c..ade5ffc84 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -9857,7 +9857,7 @@ static int ssl_load_global_issuers_from_path(char **args,
int section_type, stru
goto next;
ssl_load_global_issuer_from_BIO(in, fp, &warn);
if (warn) {
- ha_warning(warn);
+ ha_warning("%s", warn);
free(warn);
warn = NULL;
}
--
2.25.0
